The present invention relates to industrial controllers controlling factory automation and/or industrial processes and in particular to a system providing enhanced security for industrial control systems against malicious acts.
Industrial control systems have traditionally been protected against tampering or malicious activity by the same safeguards used to protect the physical equipment of the factory or the like, that is limiting physical access to the industrial controller and its associated equipment.
Modern industrial control systems employing distributed processing as well as network and Internet connections have greater exposure to attack. While such systems may be physically secured, more points of security must be established for distributed systems, and network connections to the Internet can render physical security irrelevant. Recent evidence suggests that access to industrial control systems through the Internet is being exploited by sophisticated and well-funded foreign nations or organizations. In one example, the United States Industrial Control System Cyber Emergency Response Team (ICS-CERT) has provided a warning related to malware (Black Energy) attacking the human machine interfaces (HMI) of programmable logic controllers used to manage and control industrial equipment. There is anecdotal evidence of successful Internet-based attacks directly on industrial control systems.
Unlike attacks on standard computer equipment and servers, attacks on industrial control systems can conceivably produce damage to physical property and risk to human life.